<?php 
require_once $_SERVER['DOCUMENT_ROOT'].'/inc/core/env.inc.php';

$return["success"] = false;
$return["html"] = null;
$return["error"] = null;

if ($_POST["idu"] > 0 && $_POST["idp"] > 0 && $_USER->asPermission('set_permissions')) {
	
	if ($_POST["add"] == 'true') {
		//add permisison
		$sql = "INSERT INTO ".$_DB->getPrefix()."users_permissions (id_user, id_permission) VALUE (".$_POST["idu"].", ".$_POST["idp"].")";
		$_DB->query($sql);
	} else {
		//delete permisison
		$sql = "DELETE FROM ".$_DB->getPrefix()."users_permissions WHERE id_user = ".$_POST["idu"]." AND id_permission = ".$_POST["idp"]." LIMIT 1";
		$_DB->query($sql);
	}
	
	$return["success"] = true;
} else {
	$return["error"] = 'Error not modify permission.';
}

echo '('.json_encode($return).')';
?>